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ABSTRACT 

Now that the NASA Commercial Crew Program 
(CCP) is beginning its full certification contract for 
crew transportation to the International Space Station 
(ISS), is it time for industry to embrace a minimum 
set of core safety attributes? Those attributes can 
then be evolved into an industry-led set of basic 
safety standards and requirements. 

After 50 years of human space travel sponsored by 
governments, there are two basic conditions that now 
exist within the international space industry. The 
first, there is enough of a space-faring history to 
encourage the space industry to design, develop and 
operate human spaceflight systems without 
government contracts for anything other than 
services. Second, industry is capable of defining and 
enforcing a set of industry-based safety attributes and 
standards for human spaceflight to low-Earth orbit 
(LEO). This paper will explore both of these basic 
conditions with a focus on the safety attributes and 
standards. In the United States, the Federal Aviation 
Administration (FA A) is now starting to dialogue 
with industry about the basic safety principles and 
attributes needed for potential future regulatory 
oversight. This process is not yet formalized and will 
take a number of years once approval is given to 
move forward. Therefore, throughout the next few 
years, it is an excellent time and opportunity for 
industry to collaborate together and develop the core 
set of attributes and standards. As industry engages 
and embraces a common set of safety attributes, then 
government agencies, like the FAA and NASA can 
use that industry-based product to strengthen their 
efforts on a safe commercial spaceflight foundation 
for the future. 

As the commercial space industry takes the lead role 
in establishing core safety attributes, and then 
enforcing those attributes, the entire planet can move 


away from governmental control of design and 
development and let industry expand safe and 
successful space operations in LEO. At that point the 
governmental agencies can focus on oversight of the 
industries’ defined standards and enforcement for 
common welfare of the space-faring populous and 
overall public safety. 

CURRENT STATE 

At this time, during the summer of 2014, the state of 
the commercial spaceflight industry self-regulation is 
still very immature. For human spaceflight, most 
industry players have continuously looked to NASA 
and the CCP to drive the design and operational 
requirements for a LEO system. In the United States 
there were various opportunities to debate and adjust 
the draft and preliminary CCP requirements. 
However, most of the discussion on the CCP 
requirements were driven around the potential service 
to ISS, thus becoming a single mission, a single 
design reference mission type of discussion and 
debate. 

Until recently, the FAA charter has been focused on 
the regulation of public safety only. Overall, it’s an 
extremely critical element of the aerospace industry’s 
business model. However, it’s still a subset of the 
larger overall package needed for safety attributes for 
the entire mission cycle of human spaceflight 
activities. The FAA has begun to package a series of 
practices for safe human spaceflight in the suborbital 
and orbital arena. These practices are an excellent 
start on creating a dialogue for industry and 
government to synthesize the realm of potential 
safety requirement or attributes. As the FAA 
developed its set of practices, it included preliminary 
input from various industry representatives and from 
the expertise of NASA and the CCP. The initial 
release is expected this year and it can be the impetus 
for further debate within the U.S. commercial 


1 



spaceflight industry and, in fact, partnered with the 
larger international space-faring community. 
Organizations such as the International Association 
for the Advancement of Space Safety (IAASS) and 
the Commercial Spaceflight Federation (CSF) are 
also getting involved in discussion and producing 
some reports on standards and attributes for the 
industry to debate. These non-governmental 
organizations are the key to developing and 
sustaining an industry-based set of safe attributes. In 
2010, IAASS published a Space Safety Standard for 
Commercial Human-Rated Systems [1] for industry 
to use and debate. CSF is beginning to produce a set 
of preliminary standards under its organization for its 
members to debate and discuss. 

As the industry moves into the next year, there are 
copious amounts of information for an attribute-type 
debate within the community to discuss. As an 
analogy, the sailing ship of “self-regulation and 
innovation” has encountered a new stiff breeze and is 
looking for the opportunity to sail into serious, 
product debate and discussion within the commercial 
spaceflight community. 
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NASA COMMERCIAL CREW PROGRAM 

The ultimate goal of the NASA Commercial Crew 
program (CCP) is to facilitate the development of a 
U.S. commercial crew space transportation capability 
for safe, reliable and cost-effective access to and 
from low-Earth orbit (LEO) and the International 
Space Station (ISS). There are three additional 
objectives to CCP’s primary goal. 1) Develop and 
implement a strategy that stimulates the U.S. space 
transportation industry and encourages the 
availability of space transportation services to NASA 
and others. 2) Mature the design, development, 
demonstration and certification of U.S. Crew 
Transportation System (CTS) capabilities. 3) Utilize 


an alternate business approach by investing in U.S. 
aerospace industry CTS design and development. 

In order to help stimulate the industry, the CCP 
initiated a series of draft requirements in 2011. 
Known as the CCT-PLN-1100 [2] series, NASA 
detailed its set of safety and performance 
requirements. It was the first comprehensive NASA 
public set of potential requirements for the 
commercial human spaceflight industry to use for 
LEO capabilities. Many of the draft requirements 
could also be used for a potential LEO services need. 
However, embedded within the series were a set of 
common attributes that, over the long run, may be the 
appropriate contribution to key safety attributes for 
the industry. The requirements were broken down 
into top-level safety requirements, with fault and 
failure tolerance as critical attributes. In addition, an 
approach to factors of safety, redundancy and human- 
in-the-loop attributes were also highlighted. The 
NASA CCP set included a collaborative way to 
address NASA design standards, whereby NASA 
identified a set of standards and the elements NASA 
deemed important within the standard. That allowed 
industry to bring forward alternate solutions to the 
NASA standards, which meet the intent of the 
important elements. Although this approach allows 
for innovation, it also sets a “bar” for design 
standards for industry to work toward. In addition, 
the NASA CCP draft requirements dealt with the 
necessary processes needed to ensure a proper level 
of risk management, configuration and flight 
preparation control. Finally, the draft requirement set 
addressed operational standards for pre-launch and 
in-flight operations. This was a first for NASA and 
the industry to document a set of top-level attributes 
for operating human space systems in LEO, and 
makes those attributes available to any U.S. 
commercial space industry organization. As the 
NASA CCP effort progressed, the draft set of 
requirements made to stimulate and encourage 
innovation and investment in LEO human spaceflight 
were solidified into a set of approved requirements 
for the purpose of finishing development work and 
imminent services for the NASA specific need of ISS 
crew transportation. Of course at that point the 1100 
series moved from a set of attributes and concepts for 
safe LEO spaceflight to a specific need driven by a 
contractual element. [4] Industry must now take the 
effort to the next level of creating its own set of 
industry-led key attributes for safe suborbital and 
orbital spaceflight. 
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FAA ESTABLISHED PRACTICES 

The FAA Office of Commercial Space 
Transportation (AST) has been focused on public 
safety. Its authority to date is centered on regulations 
for licensing spaceports and space operators for the 
purpose of public safety. A common good the U.S. 
government should be involved with as it protects the 
general public. Throughout the past few decades, the 
AST has matured the regulations and enhanced the 
Commercial Space Launch Act (CSLA) authority. 
The AST has also been a proponent of a robust and 
innovative commercial space industry. Many of the 
recent activities have been focused on expanding and 
building a robust industry to eventually include, 
human spaceflight occupant safety. The AST is now 
developing a document to share its thoughts about 
established practices for human spaceflight occupant 
safety. [3] The ultimate goal of the document is to 
gain consensus among government, industry and 
academia on established practices as a part of the 
AST’s mandate to encourage and promote continuous 
improvement of the safety of launch and re-entry 
vehicles to carry humans. The rule-making timeline 
is a long and highly regulated process. The purpose 
of the established practices approach is to encourage 
dialogue and early discussion within the commercial 
aerospace community long before the rigid rule- 
making process begins. 

The draft document was released about a year ago 
and the first official release occurred recently. There 
are two basic levels of care the document addresses. 
One is a level of safety needed to help ensure the 
spaceflight occupants will not experience an 
environment that could cause death, and second, a 
level of safety to ensure the system can be operated 
during critical safety operations. 

The established practices framework outlines three 
key pieces of human spaceflight capabilities: design, 
manufacturing and operations. The design portion is 
broken into sections concerning flightworthiness, 
human systems and interactions, and design 
configuration and safety. The manufacture portion 
addresses the continuity of the design into and 
through the manufacturing and assembly processes. 
The operations portion addresses planning, 
procedures, operational system aspects and training. 

Similar to the NASA CCP requirements, the AST 
document also addresses redundancy, structural 
margins, risk management and operational authority. 
Unlike the NASA CCP requirement set, the AST 
approach does not apply to a specific need or design 
reference mission, but rather to an approach for 


overall system safety to a human spaceflight system. 
Integration of the various aspects of the system, its 
design and operations are included. The document 
incorporates the critical pieces to the overall level of 
safety for a human system. 

The AST document and approach can be used by 
industry to promote dialogue and collaboration. The 
AST approach is the U.S. government’s attempt to 
stimulate that much needed conversation and to 
encourage industry to take the next step in 
developing a commercial spaceflight industry-based 
set of attributes. 
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INDUSTRY ASSOCIATIONS 

A few industry organizations have also begun to 
discuss, debate and publish some levels of safety 
attributes and standards. The most notable to date, is 
the (IAASS) Independent Space Safety Board 
publication of a safety standard for commercial 
human-rated systems. (IAASS-ISSB-S-1700-RevB). 
It was released in early 2010. The document is a set 
of standards for any commercial system that intends 
to have a human rating for both suborbital and/or 
orbital flight. It is a comprehensive approach to a set 
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of standards for design and operation of a system. It 
is broken into three basic areas: technical 

requirements, vehicle design requirements and 
certification activities. The technical requirements 
center around the safety processes and focus on 
hazardous conditions. The vehicle design 
requirements focus on redundancy, materials and 
subsystem parameters. The certification section 
focuses on hazard analysis and related system safety 
activities. This effort is a very good start to engage 
and enhance the safety aspects of a human 
spaceflight system. Produced by a non-governmental 
agency, it also moves the discussion in the 
appropriate direction, to where industry and the 
industry organizations can lead the future discussions 
and efforts toward an industry-based set of key 
attributes. 

The Commercial Spaceflight Federation (CSF) within 
the U.S. has also begun to develop a common set of 
standards for its members to debate, discuss and 
eventually support as a part of the CSF organization. 
The CSF approach is an excellent opportunity for the 
commercial spaceflight industry to use one of the 
organizations it initiated to lead the effort of industry- 
developed safety attributes. The membership of the 
CSF includes companies interested in both suborbital 
and orbital flights. In addition, newer companies as 
well as well-known companies participate in the CSF 
activities. It is this diverse and innovative set of 
industry participants who can collaborate in the best 
way to establish a set of attributes and then use the 
organization to encourage adherence to those 
attributes. This approach and leadership by 
organizations, such as the CSF, and support from 
international safety organizations, such as the 
IAASS, can create an enormous momentum shift for 
the industry and enrich the approach to safe human 
spaceflight. 
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FOCUS AREAS TYPES 

There are a number of areas an industry-based set of 
attributes should concentrate. These areas, in short 
include: 1) Failure tolerance and redundancy, 2) 

structural and performance margin attributes, 3) 
escape systems, 4) configuration control for design of 
hardware and software, 5) system risk management 
attributes, 6) operational attributes, and 7) system 
safety attributes. 

Each of these areas need focused attention. In the 
past, these areas have received differing levels of 
acceptance within the aerospace industry. In 
addition, each of these areas has been an area of 
debate and tension between commercial spaceflight 
industry partners and government agencies. Without 
a core set of attributes concerning these areas, the 
political and social environment surrounding the 
perception of the commercial spaceflight industry 
may be hard to overcome. 

A description of each of the areas of focus follows: 

Failure Tolerance and Redundancy 

Every design has to weigh the balance between 
redundancy and performance. The common axiom of 
“more redundancy equals safer systems” is simply 
not true. Instead, it is a combination of failure 
tolerance, redundancy and reliability of the 
components and subsystems. Therefore, keys 
attribute of a two-fault tolerant system or single-fault 
dissimilar redundant system must be balanced with 
an appropriate and measured level of reliability and 
criticality of the system. A key attribute led by 
industry would be an overall failure tolerance 
capability of the system to protect the crew and 
occupants and perform a successful mission. 

Structural and Performance Margin 
Attributes 

Within the design environment, higher margins 
usually means more mass and more cost to 
implement. However, structural margin is a 
legitimate approach toward dealing with unknown 
loads and environments on the structure. Therefore, 
it is critical that some level of structural design 
margin be applied to designs, especially in the early 
stages of flight operations and as the environments 
are being refined and expanded. As a key attribute, a 
level of structural margin should be included based 
on the unknowns in the environment of the system 
and the uncertainty in the design analysis. The 
traditional level of 1.4 over expected design 
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operating limits could be an appropriate level if the 
evaluation of the key attribute is to be fully 
recognized. 

Performance margin can be displayed and 
appropriated in many different aspects of the design 
and operation. The key attribute should use a similar 
process as structural margin in determining a level of 
margin to account for expected uncertainty and 
unknowns. 
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Escape System 

The debate over the need for escape systems on space 
vehicles has been going on as long as there have been 
humans in space. For many vehicles, an escape 
system may not be required. However, when there 
are high risks, including high energy and high 
dynamic activity during ascent it is a critical piece of 
the system architecture to include an escape system. 
The key attribute is to set threshold limits as to when 
an escape system should be included. It depends on 
the high energy and high dynamic forces along with 
the reaction timing that make an escape system a 
useful core safety attribute. 

Configuration Control for Design of 
Hardware and Software 


System Risk Management 

Every company and every system have a different 
level of risk threshold. Even at different times 
through the system lifecycle the risk tolerance may 
differ. The key attribute here is not to set a standard 
of risk tolerance, but to adhere to a flight safety risk 
approach as an industry. The commercial spaceflight 
industry as a whole should embrace a set of key risk 
attributes so all members of the industry can have a 
level of confidence in the overall risk tolerance. The 
FAA has a risk level for public safety known as Ec. 
NASA has an expectation of system safety risk 
through its Probability Risk Assessment process. For 
current commercial crewed missions it is loss of crew 
above roughly 1 in 250. Industry could set itself a 
key attribute of a threshold and goal for inherent crew 
and occupant risk and a standardized process to 
evaluate that risk level. 

Operational Attributes 

As a system becomes operational, additional 
elements are added to the overall design and 
implementation of the system. Those additional 
elements include operational personnel, command 
and communication systems, and data monitoring and 
interpretation. Training of the personnel not only in 
the operational systems, but also with a clear 
understanding of the vehicle systems, its design 
limits and performance is essential to a safe and 
cohesive operation of the system. A key attribute 
concerning the breadth and depth of the type of 
training needed could be established so that the 
industry has an appropriate approach to incorporate 
the operation aspects of the mission into the overall 
safety level of the system. Again, both the FA A/AST 
and NASA/CCP have some regulations, requirements 
and suggestions for the commercial industry to use as 
starting points for this critical attribute set. 

System Safety Attributes 


Core safety attributes are not only in design and 
components but also just as critical in processes. The 
best and safest design can be mired by a lack of 
design configuration control. Therefore, a key 
attribute is the adherence to a set of standards related 
to configuration control. That is, what is designed is 
implemented as designed, assembled as designed and 
operated as designed. Configuration control is 
important across all aspects of the system, including 
vendor design, software, firmware, launch site 
activities and operational procedures. 


Safe flight is always the goal, but many times the 
safety process and the system safety approach is an 
afterthought and not part of the mainstream design 
process. Throughout the years, tools like Hazard 
Analysis and Failure Modes and Effects Analysis 
(FMEA) have been used to connect the design 
activities to system safety approaches. Many times 
these system safety tools are “lagging” indicators of 
the potential design problems and operational usage 
issues. A key attribute could be the importance of an 
integrated system safety approach within the design 
development process and a continuation of the 
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system safety approach well into operations. The use 
of the Hazard Analysis and FMEA tools could be 
emphasized without dedicating an exact method or 
format for the tool’s usage. If the system safety 
process is embedded in the design and operational 
lifecycle, it can go a long way toward enhancing 
credibility with the commercial spaceflight industry. 
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CONCLUSION 

Safe flight and mission success is the goal of every 
space adventure and scientific mission. Commercial 
human spaceflight is no exception. After NASA 
retired the space shuttle in 2011, an excellent 
opportunity has opened to allow the commercial 
spaceflight industry to step in and step up to the role 
of providing access to LEO for human spaceflight 
missions. As the U.S. government encourages 
commercial human spaceflight through the joint 
development partnerships under the NASA/CCP 
effort and through the FAA licensing approach for 
commercial spaceflight, the timing is right for 
industry to take a lead role in establishing a safety 
approach for commercial human spaceflight. Fifty 
years of human spaceflight experience has a large 
database of knowledge and lessons. The commercial 
spaceflight industry is now robust enough to support 
industry-wide organizations that can help promote a 
safety culture within its ranks. This can be 

accomplished without government direction, but 
rather with expertise from all comers of the human 
spaceflight community. Industry organizations, such 
as CSF and IAASS, can lead the way to drafting, 
discussing and eventually establishing a set of key 
safety attributes that members of the organizations 
can accept and enforce among themselves. Key 
attributes in the areas of failure tolerance, margins, 
escape systems, configuration control, risk, 

operations and system safety can be developed and 
used to further develop standards for the commercial 
spaceflight industry to embrace. The time and the 


opportunity are perfect for industry instead of 
governments to lead this activity. By embracing an 
industry organization approach to safety attributes, 
spaceflight systems developed and the industry 
perception and culture of the commercial spaceflight 
industry can all gain tremendous leaps in maturity as 
the 21 st century evolves. 
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